Lesson 13

Date: 7/3/2017
Application security and Intrusion detection
Linux System Administration

System Integrity Checkers

  • IDS: host-based (Tripwire) and network-based (Snort).
  • Tripwire (system integrity scanner): creates a checksum of the system after a fresh installation and verifies it on a regular basis, run from cron.

    GNU tar: tar -d (check for system modifications)

    For example,
    tar -df DOC.tar DOC
    shows how files in directory DOC are different from the archive:
    Uid differs
    Gid differs
    Mod time differs
    Size differs
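
The baseline-then-compare idea above, as an added example (not part of the original lesson) that assumes GNU tar; the file names and contents are constructed. It goes slightly beyond the four messages listed: tar -d also reports "Mode differs" and "Contents differ", and it says nothing about files created after the archive was taken.

```shell
#!/bin/sh
# Added example: constructed files in a temp directory; requires GNU tar.

# compare_to_baseline ARCHIVE DIR
# Prints GNU tar's difference report for DIR (relative to the current directory).
# Exit status: 0 = no differences, 1 = some files differ.
compare_to_baseline() {
    # LC_ALL=C keeps the messages in English so a script can match them.
    LC_ALL=C tar -df "$1" "$2" 2>&1
}

# tamper_demo: archive a known-good DOC, change it four ways, print the report.
tamper_demo() (
    work=$(mktemp -d) || exit 1
    trap 'rm -rf "$work"' EXIT
    cd "$work" || exit 1

    mkdir DOC
    printf 'alice:1000\n' > DOC/accounts
    printf 'limit=10\n'   > DOC/service.conf
    printf 'echo hello\n' > DOC/job.sh
    chmod 644 DOC/*
    touch -t 201703070000 DOC/*      # fixed old mtime so later edits stand out
    tar -cf DOC.tar DOC              # baseline of the known-good state

    printf 'bob:1001\n' >> DOC/accounts       # 1. append: size and mtime change
    chmod 755 DOC/job.sh                      # 2. permission change only
    printf 'limit=99\n' > DOC/service.conf    # 3. same size, different bytes,
    touch -t 201703070000 DOC/service.conf    #    original mtime put back
    printf 'new\n' > DOC/added-later          # 4. file that is not in the archive

    # tar exits 1 when anything differs; that is the expected outcome here.
    compare_to_baseline DOC.tar DOC || true
)

tamper_demo
```

Change 4 does not appear in the report because tar -d only checks the members stored in the archive, so a listing comparison is still needed to notice new files.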

